1 /*
2 * Copyright (c) 2003, 2015, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package sun.net.spi;
27
28 import java.net.InetSocketAddress;
29 import java.net.Proxy;
30 import java.net.ProxySelector;
31 import java.net.SocketAddress;
32 import java.net.URI;
33 import java.util.ArrayList;
34 import java.util.List;
35 import java.io.IOException;
36 import java.security.AccessController;
37 import java.security.PrivilegedAction;
38 import java.util.StringJoiner;
39 import java.util.regex.Pattern;
40 import sun.net.NetProperties;
41 import sun.net.SocksProxy;
42 import static java.util.regex.Pattern.quote;
43
44 /**
45 * Supports proxy settings using system properties This proxy selector
46 * provides backward compatibility with the old http protocol handler
47 * as far as how proxy is set
48 *
49 * Most of the implementation copied from the old http protocol handler
50 *
51 * Supports http/https/ftp.proxyHost, http/https/ftp.proxyPort,
52 * proxyHost, proxyPort, and http/https/ftp.nonProxyHost, and socks.
53 * NOTE: need to do gopher as well
54 */
55 public class DefaultProxySelector extends ProxySelector {
56
57 /**
58 * This is where we define all the valid System Properties we have to
59 * support for each given protocol.
60 * The format of this 2 dimensional array is :
61 * - 1 row per protocol (http, ftp, ...)
62 * - 1st element of each row is the protocol name
63 * - subsequent elements are prefixes for Host & Port properties
64 * listed in order of priority.
65 * Example:
66 * {"ftp", "ftp.proxy", "ftpProxy", "proxy", "socksProxy"},
67 * means for FTP we try in that oder:
68 * + ftp.proxyHost & ftp.proxyPort
69 * + ftpProxyHost & ftpProxyPort
70 * + proxyHost & proxyPort
71 * + socksProxyHost & socksProxyPort
72 *
73 * Note that the socksProxy should *always* be the last on the list
74 */
75 static final String[][] props = {
76 /*
77 * protocol, Property prefix 1, Property prefix 2, ...
78 */
79 {"http", "http.proxy", "proxy", "socksProxy"},
80 {"https", "https.proxy", "proxy", "socksProxy"},
81 {"ftp", "ftp.proxy", "ftpProxy", "proxy", "socksProxy"},
82 {"gopher", "gopherProxy", "socksProxy"},
83 {"socket", "socksProxy"}
84 };
85
86 private static final String SOCKS_PROXY_VERSION = "socksProxyVersion";
87
88 private static boolean hasSystemProxies = false;
89
90 static {
91 final String key = "java.net.useSystemProxies";
92 Boolean b = AccessController.doPrivileged(
93 new PrivilegedAction<Boolean>() {
94 public Boolean run() {
95 return NetProperties.getBoolean(key);
96 }});
97 if (b != null && b.booleanValue()) {
98 java.security.AccessController.doPrivileged(
99 new java.security.PrivilegedAction<Void>() {
100 public Void run() {
101 System.loadLibrary("net");
102 return null;
103 }
104 });
105 hasSystemProxies = init();
106 }
107 }
108
109 public static int socksProxyVersion() {
110 return AccessController.doPrivileged(
111 new PrivilegedAction<Integer>() {
112 @Override public Integer run() {
113 return NetProperties.getInteger(SOCKS_PROXY_VERSION, 5);
114 }
115 });
116 }
117
118 /**
119 * How to deal with "non proxy hosts":
120 * since we do have to generate a pattern we don't want to do that if
121 * it's not necessary. Therefore we do cache the result, on a per-protocol
122 * basis, and change it only when the "source", i.e. the system property,
123 * did change.
124 */
125
126 static class NonProxyInfo {
127 // Default value for nonProxyHosts, this provides backward compatibility
128 // by excluding localhost and its litteral notations.
129 static final String defStringVal = "localhost|127.*|[::1]|0.0.0.0|[::0]";
130
131 String hostsSource;
132 Pattern pattern;
133 final String property;
134 final String defaultVal;
135 static NonProxyInfo ftpNonProxyInfo = new NonProxyInfo("ftp.nonProxyHosts", null, null, defStringVal);
136 static NonProxyInfo httpNonProxyInfo = new NonProxyInfo("http.nonProxyHosts", null, null, defStringVal);
137 static NonProxyInfo socksNonProxyInfo = new NonProxyInfo("socksNonProxyHosts", null, null, defStringVal);
138
139 NonProxyInfo(String p, String s, Pattern pattern, String d) {
140 property = p;
141 hostsSource = s;
142 this.pattern = pattern;
143 defaultVal = d;
144 }
145 }
146
147
148 /**
149 * select() method. Where all the hard work is done.
150 * Build a list of proxies depending on URI.
151 * Since we're only providing compatibility with the system properties
152 * from previous releases (see list above), that list will always
153 * contain 1 single proxy, default being NO_PROXY.
154 */
155 public java.util.List<Proxy> select(URI uri) {
156 if (uri == null) {
157 throw new IllegalArgumentException("URI can't be null.");
158 }
159 String protocol = uri.getScheme();
160 String host = uri.getHost();
161
162 if (host == null) {
163 // This is a hack to ensure backward compatibility in two
164 // cases: 1. hostnames contain non-ascii characters,
165 // internationalized domain names. in which case, URI will
166 // return null, see BugID 4957669; 2. Some hostnames can
167 // contain '_' chars even though it's not supposed to be
168 // legal, in which case URI will return null for getHost,
169 // but not for getAuthority() See BugID 4913253
170 String auth = uri.getAuthority();
171 if (auth != null) {
172 int i;
173 i = auth.indexOf('@');
174 if (i >= 0) {
175 auth = auth.substring(i+1);
176 }
177 i = auth.lastIndexOf(':');
178 if (i >= 0) {
179 auth = auth.substring(0,i);
180 }
181 host = auth;
182 }
183 }
184
185 if (protocol == null || host == null) {
186 throw new IllegalArgumentException("protocol = "+protocol+" host = "+host);
187 }
188 List<Proxy> proxyl = new ArrayList<Proxy>(1);
189
190 NonProxyInfo pinfo = null;
191
192 if ("http".equalsIgnoreCase(protocol)) {
193 pinfo = NonProxyInfo.httpNonProxyInfo;
194 } else if ("https".equalsIgnoreCase(protocol)) {
195 // HTTPS uses the same property as HTTP, for backward
196 // compatibility
197 pinfo = NonProxyInfo.httpNonProxyInfo;
198 } else if ("ftp".equalsIgnoreCase(protocol)) {
199 pinfo = NonProxyInfo.ftpNonProxyInfo;
200 } else if ("socket".equalsIgnoreCase(protocol)) {
201 pinfo = NonProxyInfo.socksNonProxyInfo;
202 }
203
204 /**
205 * Let's check the System properties for that protocol
206 */
207 final String proto = protocol;
208 final NonProxyInfo nprop = pinfo;
209 final String urlhost = host.toLowerCase();
210
211 /**
212 * This is one big doPrivileged call, but we're trying to optimize
213 * the code as much as possible. Since we're checking quite a few
214 * System properties it does help having only 1 call to doPrivileged.
215 * Be mindful what you do in here though!
216 */
217 Proxy p = AccessController.doPrivileged(
218 new PrivilegedAction<Proxy>() {
219 public Proxy run() {
220 int i, j;
221 String phost = null;
222 int pport = 0;
223 String nphosts = null;
224 InetSocketAddress saddr = null;
225
226 // Then let's walk the list of protocols in our array
227 for (i=0; i<props.length; i++) {
228 if (props[i][0].equalsIgnoreCase(proto)) {
229 for (j = 1; j < props[i].length; j++) {
230 /* System.getProp() will give us an empty
231 * String, "" for a defined but "empty"
232 * property.
233 */
234 phost = NetProperties.get(props[i][j]+"Host");
235 if (phost != null && phost.length() != 0)
236 break;
237 }
238 if (phost == null || phost.length() == 0) {
239 /**
240 * No system property defined for that
241 * protocol. Let's check System Proxy
242 * settings (Gnome & Windows) if we were
243 * instructed to.
244 */
245 if (hasSystemProxies) {
246 String sproto;
247 if (proto.equalsIgnoreCase("socket"))
248 sproto = "socks";
249 else
250 sproto = proto;
251 Proxy sproxy = getSystemProxy(sproto, urlhost);
252 if (sproxy != null) {
253 return sproxy;
254 }
255 }
256 return Proxy.NO_PROXY;
257 }
258 // If a Proxy Host is defined for that protocol
259 // Let's get the NonProxyHosts property
260 if (nprop != null) {
261 nphosts = NetProperties.get(nprop.property);
262 synchronized (nprop) {
263 if (nphosts == null) {
264 if (nprop.defaultVal != null) {
265 nphosts = nprop.defaultVal;
266 } else {
267 nprop.hostsSource = null;
268 nprop.pattern = null;
269 }
270 } else if (nphosts.length() != 0) {
271 // add the required default patterns
272 // but only if property no set. If it
273 // is empty, leave empty.
274 nphosts += "|" + NonProxyInfo
275 .defStringVal;
276 }
277 if (nphosts != null) {
278 if (!nphosts.equals(nprop.hostsSource)) {
279 nprop.pattern = toPattern(nphosts);
280 nprop.hostsSource = nphosts;
281 }
282 }
283 if (shouldNotUseProxyFor(nprop.pattern, urlhost)) {
284 return Proxy.NO_PROXY;
285 }
286 }
287 }
288 // We got a host, let's check for port
289
290 pport = NetProperties.getInteger(props[i][j]+"Port", 0).intValue();
291 if (pport == 0 && j < (props[i].length - 1)) {
292 // Can't find a port with same prefix as Host
293 // AND it's not a SOCKS proxy
294 // Let's try the other prefixes for that proto
295 for (int k = 1; k < (props[i].length - 1); k++) {
296 if ((k != j) && (pport == 0))
297 pport = NetProperties.getInteger(props[i][k]+"Port", 0).intValue();
298 }
299 }
300
301 // Still couldn't find a port, let's use default
302 if (pport == 0) {
303 if (j == (props[i].length - 1)) // SOCKS
304 pport = defaultPort("socket");
305 else
306 pport = defaultPort(proto);
307 }
308 // We did find a proxy definition.
309 // Let's create the address, but don't resolve it
310 // as this will be done at connection time
311 saddr = InetSocketAddress.createUnresolved(phost, pport);
312 // Socks is *always* the last on the list.
313 if (j == (props[i].length - 1)) {
314 return SocksProxy.create(saddr, socksProxyVersion());
315 } else {
316 return new Proxy(Proxy.Type.HTTP, saddr);
317 }
318 }
319 }
320 return Proxy.NO_PROXY;
321 }});
322
323 proxyl.add(p);
324
325 /*
326 * If no specific property was set for that URI, we should be
327 * returning an iterator to an empty List.
328 */
329 return proxyl;
330 }
331
332 public void connectFailed(URI uri, SocketAddress sa, IOException ioe) {
333 if (uri == null || sa == null || ioe == null) {
334 throw new IllegalArgumentException("Arguments can't be null.");
335 }
336 // ignored
337 }
338
339
340 private int defaultPort(String protocol) {
341 if ("http".equalsIgnoreCase(protocol)) {
342 return 80;
343 } else if ("https".equalsIgnoreCase(protocol)) {
344 return 443;
345 } else if ("ftp".equalsIgnoreCase(protocol)) {
346 return 80;
347 } else if ("socket".equalsIgnoreCase(protocol)) {
348 return 1080;
349 } else if ("gopher".equalsIgnoreCase(protocol)) {
350 return 80;
351 } else {
352 return -1;
353 }
354 }
355
356 private static native boolean init();
357 private synchronized native Proxy getSystemProxy(String protocol, String host);
358
359 /**
360 * @return {@code true} if given this pattern for non-proxy hosts and this
361 * urlhost the proxy should NOT be used to access this urlhost
362 */
363 static boolean shouldNotUseProxyFor(Pattern pattern, String urlhost) {
364 if (pattern == null || urlhost.isEmpty())
365 return false;
366 boolean matches = pattern.matcher(urlhost).matches();
367 return matches;
368 }
369
370 /**
371 * @param mask non-null mask
372 * @return {@link java.util.regex.Pattern} corresponding to this mask
373 * or {@code null} in case mask should not match anything
374 */
375 static Pattern toPattern(String mask) {
376 boolean disjunctionEmpty = true;
377 StringJoiner joiner = new StringJoiner("|");
378 for (String disjunct : mask.split("\\|")) {
379 if (disjunct.isEmpty())
380 continue;
381 disjunctionEmpty = false;
382 String regex = disjunctToRegex(disjunct.toLowerCase());
383 joiner.add(regex);
384 }
385 return disjunctionEmpty ? null : Pattern.compile(joiner.toString());
386 }
387
388 /**
389 * @param disjunct non-null mask disjunct
390 * @return java regex string corresponding to this mask
391 */
392 static String disjunctToRegex(String disjunct) {
393 String regex;
394 if (disjunct.startsWith("*")) {
395 regex = ".*" + quote(disjunct.substring(1));
396 } else if (disjunct.endsWith("*")) {
397 regex = quote(disjunct.substring(0, disjunct.length() - 1)) + ".*";
398 } else {
399 regex = quote(disjunct);
400 }
401 return regex;
402 }
403 }